The Tallinn Manual on International Law Applicable to Cyber Warfare officially launches in London today. The Manual is the fruit of the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) headquartered in Tallinn, Estonia. Developed by a group of experts from Academic and Military backgrounds, the Manual is the end-result of 4 years work to produce an independent manual on the law governing cyber warfare. The Manual is about 215 pages long and offers insight into such issues as sovereignty, state responsibility, the use of force, the applicability of the law of armed conflict and the conduct of hostilities among others.
The Tallinn Manual on International Law Applicable to Cyber Warfare
Mar 15, 2013 12:00:00 AM / by Admin
The European Smart Grid Cyber and SCADA Security Conference
Mar 14, 2013 12:00:00 AM / by Admin
This week I attended SMi’s two day conference on European Smart Grid Cyber and SCADA Security in London. The conference was quite successful and covered a number of really interesting topics. There were some brilliant speakers which were definitely worth hearing; Patrick Miller from EnergySec, Steve Brunasso from California Water and Power, Justin Clarke from Cylance nad Jacob Ingerslec from CNA Insurance offered a lot of interesting information about the market for cybersecurity services in utilities.
Quite a few vendors that were present at the Oil and Gas Cybersecurity conference last October were here again – Waterfall, Fox IT, Cassidian, Spirent. A few more made an appearance this week – Siemens, AlertEnterprise, Cyber-Ark, Verizon, Symantec, Advantech, Norman, DNV Kema and Owl Computing Technologies. Siemens got a bit of a bashing at the last Oil & Gas, mainly due to their dominance in industrial control systems (ICS) and the number of exposed vulnerabilities (not to mention the one Stuxnet was built on). They countered for the SCADA Security conference and had a vendor stand this time around. Their presence sent a positive message about the company – they heard the grumbles and answered accordingly. They have undoubtedly put in massive effort not just to patch exploits, but to find new ones. In my opinion this hints at a possible (niche) market in more than just pen testing but actually active exploit hunting in ICS. The problem is there are no national authorities that actually do this – and this point was acutely raised by Mr Clarke. Those that do find exploits are often limited by law as to what they can disclose, even to the concerned vendors. There is a definite movement in the utilities sector that is focusing on cybersecurity – but it is constricted by tight budgets, legislation and national security.
There was a lot of talk about smart meters, but during the breaks, a few utilities company reps I spoke to said they actually wanted to know more about substations and security inside the grid. This is an interesting piece of insight that will help shape an upcoming ABI Research report on Critical Infrastructure Security for the Smart Grid. All in all, the conference offered a lot of food for thought, and some scary prospects regarding the massive delay in upgrading cybersecurity within critical infrastructures such as smart grids, traffic management and water system and the apaprent push for smart technologies within those sectors. The urgent message was undoubtedly that utility companies have to make security a priority before it's too late, and too costly.
After introducing Yolo, the first smartphone with Intel Inside in Africa, at a low price of KES 10,999 (USD 124.55) in late January 2013, Safaricom announced that it “is soon going to stop selling the cheap feature phones in all [its] retail outlets” and we “will now see the feature phones replaced by the cheap smartphones that are now readily available in the country.”
{"data": [{"Year": "2021", "Network Connectivity": 15430700000}, {"Year": "2022", "Network Connectivity": 19412100000}, {"Year": "2023", "Network Connectivity": 22509600000}, {"Year": "2024", "Network Connectivity": 27011300000}, {"Year": "2025", "Network Connectivity": 32769500000}, {"Year": "2026", "Network Connectivity": 36360800000}], "metadata": {"valuefield": "Year", "Description": "", "seriesfield": ["Network Connectivity"], "Source Table": "", "Source Product": "WP-WNGH-190", "Data Table Name": "Total Annual Edge AI Ecosystem Revenue", "Default Chart Type": "line"}}
WiFi Getting in Shape to Help Out Mobile Cellular Broadband
Mar 8, 2013 12:00:00 AM / by Admin
There was a time that WiFi was the scrappy junior cousin of cellular mobile data services. Now most mobile carriers have begun to reassess WiFi as an effective complementary wireless infrastructure for offloading flood-level amounts of data traffic from smartphones, tablets and dongles from their cellular networks.
Looking at the Samsung Galaxy S4 Launch from a NFC, Security & ID Perspective
Mar 8, 2013 12:00:00 AM / by Admin
With the launch of Samsung's new flagship next week, the Galaxy S4, I thought it time to put down some thoughts regarding what we might expect, what might it bring that we don't expect, and what impact both this device and Samsung overall might have on the market in 2013. I think it goes without saying that Samsung will be pushing the boat out with this one. It has built a leading position in smartphones and it has seen what has happened to its rivals who don't live up to the hype and expectation with each launch.
Why China Is Different, Also for Mobile Operating Systems
Mar 6, 2013 12:00:00 AM / by Admin
China’s technology ministry has published a whitepaper that criticises Android’s perceived dominance in the local smartphone market. I’d say it is thus far the strongest reminder that mobile computing in China is unlikely to follow the same path as the other major markets. It is what I have earlier identified [client access only] as one of the remaining main opportunities for the new wave of OSes that are pushing forward with the “more open than Android” proposition: namely including Firefox OS, Sailfish, Tizen, and Ubuntu. The whitepaper’s rhetoric doesn’t constitute a shove or even a push, but more of a nudge. But you know, before a push comes usually a nudge. So this space is certainly worth following in the future, for it may surprise you.
Symantec Inks Deal with Giesecke & Devrient for Partnership on Protected Mobile Security Applications
Feb 21, 2013 12:00:00 AM / by Admin
Symantec and Giesecke & Devrient (G&D) signed an agreement today to collaborate on developing protected security applications for smartphones and tablets. The partnership is significant because the collaboration will address a major obstacle in mobile security which has been holding back the reliance on smart devices for critical applications. The cooperation aims to leverage the Trusted Execution Environment (TEE), a hardware technology which aims attest the authenticity of a platform and the operating system (OS) in order to ensure that an authentic OS starts up in a trusted environment. TEE consequently allows the trusted OS to deploy addition security capabilities. G&D offers the Trusted Service Manager (TSM) and the underlying TEE to protect cryptographic keys and credentials. Symantec will use the TSM to re-enforce security in its Symantec Validation and ID Protection Service (VIP) two-factor authentication.
Tegra 4i: NVIDIA’s first integrated applications LTE processor
Feb 19, 2013 12:00:00 AM / by Admin
Vodafone Partners with Defense Contractor BAE Systems on Mobile Security
Feb 19, 2013 12:00:00 AM / by Admin
BAE Systems and Vodafone announced this week a five-year partnership to provide businesses with a range of advanced communications and security products. The collaboration will be initially focused on smartphones and tablet, with a first product announced for spring 2013: the Vodafone Mobile Threat Manager, a “cloud-based mobile security solution”. The solution looks to be a network-based one, scanning traffic on the carrier’s network for malware and other suspicious data. The cloud platform intimates that the mobile client will likely be light and able to run on a variety of different brands, ideally using minimal power and with real-time updates. More details will undoubtedly emerge closer to launch. The Threat Manager will be provided to Vodafone’s 1,500 enterprise consumers, as well as to BAE System’s 35,000 UK employees – a well-populated testing ground for the product launch.